CVE-2023-32484 (CVSS 9.8): Remote Control Risk in Dell EMC Networks

by do son · February 17, 2024

A recently disclosed vulnerability in Dell EMC Enterprise SONiC (CVE-2023-32484) could have profound consequences for your data center network security. This flaw opens the door for remote attackers to execute commands and seize complete control of affected network switches. With a CVSS rating of 9.8 (Critical), immediate action is necessary.

Dell EMC Enterprise SONiC, a popular open-source network operating system, leverages Linux to power scalable and efficient network solutions. CVE-2023-32484 in question lies specifically within certain older versions of Enterprise SONiC. By exploiting an input validation weakness, a malicious actor can:

Bypass Authentication: Operate without a username or password.
Inject Commands: Run arbitrary commands on the targeted switch.
Escalate Privileges: Gain the highest level of system access – essentially ‘owning’ the switch.

A successful attack exploiting this vulnerability would grant the attacker a dangerous degree of control. Imagine these scenarios:

Network Disruption: Shutting down critical communication channels, and sabotaging business operations.
Data Exfiltration: Sensitive information flowing out of your network into malicious hands.
Lateral Movement: Attackers using the compromised switch as a launchpad to spread further within your network.

“A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity,” reads the security advisory.

There are no workarounds. Promptly updating to patched versions of Enterprise SONiC is the only reliable way to protect yourself. Dell has released these fixed versions: